Merge changes Idf36e20c,Idf9f43b3,I420058ae into udc-qpr-dev
* changes:
ui: Pull DisplayMap.h from SF
SF: Encapsulate frame targeting
SF: Redefine VsyncId using FTL mixins
diff --git a/cmds/dumpstate/tests/dumpstate_test.cpp b/cmds/dumpstate/tests/dumpstate_test.cpp
index 5cbcf9f..a417837 100644
--- a/cmds/dumpstate/tests/dumpstate_test.cpp
+++ b/cmds/dumpstate/tests/dumpstate_test.cpp
@@ -1001,7 +1001,7 @@
// These traces are always enabled, i.e. they are always pre-dumped
const std::vector<std::filesystem::path> uiTraces = {
std::filesystem::path{"/data/misc/wmtrace/transactions_trace.winscope"},
- std::filesystem::path{"/data/misc/wmtrace/transition_trace.winscope"},
+ std::filesystem::path{"/data/misc/wmtrace/wm_transition_trace.winscope"},
std::filesystem::path{"/data/misc/wmtrace/shell_transition_trace.winscope"},
};
diff --git a/libs/binder/ActivityManager.cpp b/libs/binder/ActivityManager.cpp
index e45a656..aca5009 100644
--- a/libs/binder/ActivityManager.cpp
+++ b/libs/binder/ActivityManager.cpp
@@ -75,6 +75,20 @@
return DEAD_OBJECT;
}
+status_t ActivityManager::registerUidObserverForUids(const sp<IUidObserver>& observer,
+ const int32_t event, const int32_t cutpoint,
+ const String16& callingPackage,
+ const int32_t uids[], size_t nUids,
+ /*out*/ sp<IBinder>& observerToken) {
+ sp<IActivityManager> service = getService();
+ if (service != nullptr) {
+ return service->registerUidObserverForUids(observer, event, cutpoint, callingPackage, uids,
+ nUids, observerToken);
+ }
+ // ActivityManagerService appears dead. Return usual error code for dead service.
+ return DEAD_OBJECT;
+}
+
status_t ActivityManager::unregisterUidObserver(const sp<IUidObserver>& observer)
{
sp<IActivityManager> service = getService();
@@ -85,6 +99,26 @@
return DEAD_OBJECT;
}
+status_t ActivityManager::addUidToObserver(const sp<IBinder>& observerToken,
+ const String16& callingPackage, int32_t uid) {
+ sp<IActivityManager> service = getService();
+ if (service != nullptr) {
+ return service->addUidToObserver(observerToken, callingPackage, uid);
+ }
+ // ActivityManagerService appears dead. Return usual error code for dead service.
+ return DEAD_OBJECT;
+}
+
+status_t ActivityManager::removeUidFromObserver(const sp<IBinder>& observerToken,
+ const String16& callingPackage, int32_t uid) {
+ sp<IActivityManager> service = getService();
+ if (service != nullptr) {
+ return service->removeUidFromObserver(observerToken, callingPackage, uid);
+ }
+ // ActivityManagerService appears dead. Return usual error code for dead service.
+ return DEAD_OBJECT;
+}
+
bool ActivityManager::isUidActive(const uid_t uid, const String16& callingPackage)
{
sp<IActivityManager> service = getService();
diff --git a/libs/binder/IActivityManager.cpp b/libs/binder/IActivityManager.cpp
index ebdaa4c..84900a7 100644
--- a/libs/binder/IActivityManager.cpp
+++ b/libs/binder/IActivityManager.cpp
@@ -77,6 +77,30 @@
return OK;
}
+ virtual status_t registerUidObserverForUids(const sp<IUidObserver>& observer,
+ const int32_t event, const int32_t cutpoint,
+ const String16& callingPackage,
+ const int32_t uids[], size_t nUids,
+ /*out*/ sp<IBinder>& observerToken) {
+ Parcel data, reply;
+ data.writeInterfaceToken(IActivityManager::getInterfaceDescriptor());
+ data.writeStrongBinder(IInterface::asBinder(observer));
+ data.writeInt32(event);
+ data.writeInt32(cutpoint);
+ data.writeString16(callingPackage);
+ data.writeInt32Array(nUids, uids);
+ status_t err =
+ remote()->transact(REGISTER_UID_OBSERVER_FOR_UIDS_TRANSACTION, data, &reply);
+ if (err != NO_ERROR || ((err = reply.readExceptionCode()) != NO_ERROR)) {
+ return err;
+ }
+ err = reply.readStrongBinder(&observerToken);
+ if (err != NO_ERROR || ((err = reply.readExceptionCode()) != NO_ERROR)) {
+ return err;
+ }
+ return OK;
+ }
+
virtual status_t unregisterUidObserver(const sp<IUidObserver>& observer)
{
Parcel data, reply;
@@ -89,6 +113,34 @@
return OK;
}
+ virtual status_t addUidToObserver(const sp<IBinder>& observerToken,
+ const String16& callingPackage, int32_t uid) {
+ Parcel data, reply;
+ data.writeInterfaceToken(IActivityManager::getInterfaceDescriptor());
+ data.writeStrongBinder(observerToken);
+ data.writeString16(callingPackage);
+ data.writeInt32(uid);
+ status_t err = remote()->transact(ADD_UID_TO_OBSERVER_TRANSACTION, data, &reply);
+ if (err != NO_ERROR || ((err = reply.readExceptionCode()) != NO_ERROR)) {
+ return err;
+ }
+ return OK;
+ }
+
+ virtual status_t removeUidFromObserver(const sp<IBinder>& observerToken,
+ const String16& callingPackage, int32_t uid) {
+ Parcel data, reply;
+ data.writeInterfaceToken(IActivityManager::getInterfaceDescriptor());
+ data.writeStrongBinder(observerToken);
+ data.writeString16(callingPackage);
+ data.writeInt32(uid);
+ status_t err = remote()->transact(REMOVE_UID_FROM_OBSERVER_TRANSACTION, data, &reply);
+ if (err != NO_ERROR || ((err = reply.readExceptionCode()) != NO_ERROR)) {
+ return err;
+ }
+ return OK;
+ }
+
virtual bool isUidActive(const uid_t uid, const String16& callingPackage)
{
Parcel data, reply;
diff --git a/libs/binder/include_activitymanager/binder/ActivityManager.h b/libs/binder/include_activitymanager/binder/ActivityManager.h
index 5dfbd44..9c634c7 100644
--- a/libs/binder/include_activitymanager/binder/ActivityManager.h
+++ b/libs/binder/include_activitymanager/binder/ActivityManager.h
@@ -82,7 +82,15 @@
const int32_t event,
const int32_t cutpoint,
const String16& callingPackage);
+ status_t registerUidObserverForUids(const sp<IUidObserver>& observer, const int32_t event,
+ const int32_t cutpoint, const String16& callingPackage,
+ const int32_t uids[], size_t nUids,
+ /*out*/ sp<IBinder>& observerToken);
status_t unregisterUidObserver(const sp<IUidObserver>& observer);
+ status_t addUidToObserver(const sp<IBinder>& observerToken, const String16& callingPackage,
+ int32_t uid);
+ status_t removeUidFromObserver(const sp<IBinder>& observerToken, const String16& callingPackage,
+ int32_t uid);
bool isUidActive(const uid_t uid, const String16& callingPackage);
int getUidProcessState(const uid_t uid, const String16& callingPackage);
status_t checkPermission(const String16& permission, const pid_t pid, const uid_t uid, int32_t* outResult);
diff --git a/libs/binder/include_activitymanager/binder/IActivityManager.h b/libs/binder/include_activitymanager/binder/IActivityManager.h
index 20d12ae..07450c6 100644
--- a/libs/binder/include_activitymanager/binder/IActivityManager.h
+++ b/libs/binder/include_activitymanager/binder/IActivityManager.h
@@ -35,7 +35,16 @@
const int32_t event,
const int32_t cutpoint,
const String16& callingPackage) = 0;
+ virtual status_t registerUidObserverForUids(const sp<IUidObserver>& observer,
+ const int32_t event, const int32_t cutpoint,
+ const String16& callingPackage,
+ const int32_t uids[], size_t nUids,
+ /*out*/ sp<IBinder>& observerToken) = 0;
virtual status_t unregisterUidObserver(const sp<IUidObserver>& observer) = 0;
+ virtual status_t addUidToObserver(const sp<IBinder>& observerToken,
+ const String16& callingPackage, int32_t uid) = 0;
+ virtual status_t removeUidFromObserver(const sp<IBinder>& observerToken,
+ const String16& callingPackage, int32_t uid) = 0;
virtual bool isUidActive(const uid_t uid, const String16& callingPackage) = 0;
virtual int32_t getUidProcessState(const uid_t uid, const String16& callingPackage) = 0;
virtual status_t checkPermission(const String16& permission,
@@ -51,6 +60,9 @@
OPEN_CONTENT_URI_TRANSACTION = IBinder::FIRST_CALL_TRANSACTION,
REGISTER_UID_OBSERVER_TRANSACTION,
UNREGISTER_UID_OBSERVER_TRANSACTION,
+ REGISTER_UID_OBSERVER_FOR_UIDS_TRANSACTION,
+ ADD_UID_TO_OBSERVER_TRANSACTION,
+ REMOVE_UID_FROM_OBSERVER_TRANSACTION,
IS_UID_ACTIVE_TRANSACTION,
GET_UID_PROCESS_STATE_TRANSACTION,
CHECK_PERMISSION_TRANSACTION,
diff --git a/libs/gui/Android.bp b/libs/gui/Android.bp
index 33bb343..80fed98 100644
--- a/libs/gui/Android.bp
+++ b/libs/gui/Android.bp
@@ -226,6 +226,7 @@
"ITransactionCompletedListener.cpp",
"LayerDebugInfo.cpp",
"LayerMetadata.cpp",
+ "LayerStatePermissions.cpp",
"LayerState.cpp",
"OccupancyTracker.cpp",
"StreamSplitter.cpp",
diff --git a/libs/gui/ISurfaceComposer.cpp b/libs/gui/ISurfaceComposer.cpp
index cefb9a7..d72f65e 100644
--- a/libs/gui/ISurfaceComposer.cpp
+++ b/libs/gui/ISurfaceComposer.cpp
@@ -62,7 +62,7 @@
status_t setTransactionState(const FrameTimelineInfo& frameTimelineInfo,
Vector<ComposerState>& state, const Vector<DisplayState>& displays,
uint32_t flags, const sp<IBinder>& applyToken,
- const InputWindowCommands& commands, int64_t desiredPresentTime,
+ InputWindowCommands commands, int64_t desiredPresentTime,
bool isAutoTimestamp,
const std::vector<client_cache_t>& uncacheBuffers,
bool hasListenerCallbacks,
@@ -188,9 +188,9 @@
SAFE_PARCEL(data.readUint64, &transactionId);
return setTransactionState(frameTimelineInfo, state, displays, stateFlags, applyToken,
- inputWindowCommands, desiredPresentTime, isAutoTimestamp,
- uncacheBuffers, hasListenerCallbacks, listenerCallbacks,
- transactionId);
+ std::move(inputWindowCommands), desiredPresentTime,
+ isAutoTimestamp, uncacheBuffers, hasListenerCallbacks,
+ listenerCallbacks, transactionId);
}
default: {
return BBinder::onTransact(code, data, reply, flags);
diff --git a/libs/gui/LayerStatePermissions.cpp b/libs/gui/LayerStatePermissions.cpp
new file mode 100644
index 0000000..28697ca
--- /dev/null
+++ b/libs/gui/LayerStatePermissions.cpp
@@ -0,0 +1,58 @@
+/*
+ * Copyright (C) 2023 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <binder/IPCThreadState.h>
+#include <gui/LayerStatePermissions.h>
+#include <private/android_filesystem_config.h>
+#ifndef __ANDROID_VNDK__
+#include <binder/PermissionCache.h>
+#endif // __ANDROID_VNDK__
+#include <gui/LayerState.h>
+
+namespace android {
+std::unordered_map<std::string, int> LayerStatePermissions::mPermissionMap = {
+ // If caller has ACCESS_SURFACE_FLINGER, they automatically get ROTATE_SURFACE_FLINGER
+ // permission, as well
+ {"android.permission.ACCESS_SURFACE_FLINGER",
+ layer_state_t::Permission::ACCESS_SURFACE_FLINGER |
+ layer_state_t::Permission::ROTATE_SURFACE_FLINGER},
+ {"android.permission.ROTATE_SURFACE_FLINGER",
+ layer_state_t::Permission::ROTATE_SURFACE_FLINGER},
+ {"android.permission.INTERNAL_SYSTEM_WINDOW",
+ layer_state_t::Permission::INTERNAL_SYSTEM_WINDOW},
+};
+
+static bool callingThreadHasPermission(const std::string& permission __attribute__((unused)),
+ int pid __attribute__((unused)),
+ int uid __attribute__((unused))) {
+#ifndef __ANDROID_VNDK__
+ return uid == AID_GRAPHICS || uid == AID_SYSTEM ||
+ PermissionCache::checkPermission(String16(permission.c_str()), pid, uid);
+#endif // __ANDROID_VNDK__
+ return false;
+}
+
+uint32_t LayerStatePermissions::getTransactionPermissions(int pid, int uid) {
+ uint32_t permissions = 0;
+ for (auto [permissionName, permissionVal] : mPermissionMap) {
+ if (callingThreadHasPermission(permissionName, pid, uid)) {
+ permissions |= permissionVal;
+ }
+ }
+
+ return permissions;
+}
+} // namespace android
diff --git a/libs/gui/SurfaceComposerClient.cpp b/libs/gui/SurfaceComposerClient.cpp
index eb5cc4f..1b13ec1 100644
--- a/libs/gui/SurfaceComposerClient.cpp
+++ b/libs/gui/SurfaceComposerClient.cpp
@@ -54,6 +54,7 @@
#include <ui/DynamicDisplayInfo.h>
#include <android-base/thread_annotations.h>
+#include <gui/LayerStatePermissions.h>
#include <private/gui/ComposerService.h>
#include <private/gui/ComposerServiceAIDL.h>
@@ -716,11 +717,16 @@
mListenerCallbacks = other.mListenerCallbacks;
}
-void SurfaceComposerClient::Transaction::sanitize() {
+void SurfaceComposerClient::Transaction::sanitize(int pid, int uid) {
+ uint32_t permissions = LayerStatePermissions::getTransactionPermissions(pid, uid);
for (auto & [handle, composerState] : mComposerStates) {
- composerState.state.sanitize(0 /* permissionMask */);
+ composerState.state.sanitize(permissions);
}
- mInputWindowCommands.clear();
+ if (!mInputWindowCommands.empty() &&
+ (permissions & layer_state_t::Permission::ACCESS_SURFACE_FLINGER) == 0) {
+ ALOGE("Only privileged callers are allowed to send input commands.");
+ mInputWindowCommands.clear();
+ }
}
std::unique_ptr<SurfaceComposerClient::Transaction>
diff --git a/libs/gui/include/gui/ISurfaceComposer.h b/libs/gui/include/gui/ISurfaceComposer.h
index 1e67225..bd21851 100644
--- a/libs/gui/include/gui/ISurfaceComposer.h
+++ b/libs/gui/include/gui/ISurfaceComposer.h
@@ -113,7 +113,7 @@
virtual status_t setTransactionState(
const FrameTimelineInfo& frameTimelineInfo, Vector<ComposerState>& state,
const Vector<DisplayState>& displays, uint32_t flags, const sp<IBinder>& applyToken,
- const InputWindowCommands& inputWindowCommands, int64_t desiredPresentTime,
+ InputWindowCommands inputWindowCommands, int64_t desiredPresentTime,
bool isAutoTimestamp, const std::vector<client_cache_t>& uncacheBuffer,
bool hasListenerCallbacks, const std::vector<ListenerCallbacks>& listenerCallbacks,
uint64_t transactionId) = 0;
diff --git a/libs/gui/include/gui/LayerStatePermissions.h b/libs/gui/include/gui/LayerStatePermissions.h
new file mode 100644
index 0000000..a90f30c
--- /dev/null
+++ b/libs/gui/include/gui/LayerStatePermissions.h
@@ -0,0 +1,29 @@
+/*
+ * Copyright (C) 2023 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <stdint.h>
+#include <string>
+#include <unordered_map>
+
+namespace android {
+class LayerStatePermissions {
+public:
+ static uint32_t getTransactionPermissions(int pid, int uid);
+
+private:
+ static std::unordered_map<std::string, int> mPermissionMap;
+};
+} // namespace android
\ No newline at end of file
diff --git a/libs/gui/include/gui/SurfaceComposerClient.h b/libs/gui/include/gui/SurfaceComposerClient.h
index 945b164..8d2cdaf 100644
--- a/libs/gui/include/gui/SurfaceComposerClient.h
+++ b/libs/gui/include/gui/SurfaceComposerClient.h
@@ -744,7 +744,7 @@
*
* TODO (b/213644870): Remove all permissioned things from Transaction
*/
- void sanitize();
+ void sanitize(int pid, int uid);
static sp<IBinder> getDefaultApplyToken();
static void setDefaultApplyToken(sp<IBinder> applyToken);
diff --git a/libs/gui/tests/Surface_test.cpp b/libs/gui/tests/Surface_test.cpp
index fccc408..5bc6904 100644
--- a/libs/gui/tests/Surface_test.cpp
+++ b/libs/gui/tests/Surface_test.cpp
@@ -699,7 +699,7 @@
Vector<ComposerState>& /*state*/,
const Vector<DisplayState>& /*displays*/, uint32_t /*flags*/,
const sp<IBinder>& /*applyToken*/,
- const InputWindowCommands& /*inputWindowCommands*/,
+ InputWindowCommands /*inputWindowCommands*/,
int64_t /*desiredPresentTime*/, bool /*isAutoTimestamp*/,
const std::vector<client_cache_t>& /*cachedBuffer*/,
bool /*hasListenerCallbacks*/,
diff --git a/opengl/libs/EGL/egl_display.cpp b/opengl/libs/EGL/egl_display.cpp
index 9823fc8..525fed1 100644
--- a/opengl/libs/EGL/egl_display.cpp
+++ b/opengl/libs/EGL/egl_display.cpp
@@ -326,10 +326,10 @@
// device's present timestamps are reliable (which may not be the case on emulators).
if (cnx->useAngle) {
if (android::base::GetBoolProperty("service.sf.present_timestamp", false)) {
- mExtensionString.append("EGL_ANDROID_get_frame_timestamps");
+ mExtensionString.append("EGL_ANDROID_get_frame_timestamps ");
}
} else {
- mExtensionString.append("EGL_ANDROID_get_frame_timestamps");
+ mExtensionString.append("EGL_ANDROID_get_frame_timestamps ");
}
hasColorSpaceSupport = findExtension(disp.queryString.extensions, "EGL_KHR_gl_colorspace");
diff --git a/services/surfaceflinger/SurfaceFlinger.cpp b/services/surfaceflinger/SurfaceFlinger.cpp
index 0120eb1..a5f4286 100644
--- a/services/surfaceflinger/SurfaceFlinger.cpp
+++ b/services/surfaceflinger/SurfaceFlinger.cpp
@@ -111,6 +111,7 @@
#include <unordered_map>
#include <vector>
+#include <gui/LayerStatePermissions.h>
#include <ui/DisplayIdentification.h>
#include "BackgroundExecutor.h"
#include "Client.h"
@@ -4314,7 +4315,7 @@
transaction.inputWindowCommands,
transaction.desiredPresentTime, transaction.isAutoTimestamp,
std::move(transaction.uncacheBufferIds), transaction.postTime,
- transaction.permissions, transaction.hasListenerCallbacks,
+ transaction.hasListenerCallbacks,
transaction.listenerCallbacks, transaction.originPid,
transaction.originUid, transaction.id);
}
@@ -4393,24 +4394,27 @@
status_t SurfaceFlinger::setTransactionState(
const FrameTimelineInfo& frameTimelineInfo, Vector<ComposerState>& states,
const Vector<DisplayState>& displays, uint32_t flags, const sp<IBinder>& applyToken,
- const InputWindowCommands& inputWindowCommands, int64_t desiredPresentTime,
- bool isAutoTimestamp, const std::vector<client_cache_t>& uncacheBuffers,
- bool hasListenerCallbacks, const std::vector<ListenerCallbacks>& listenerCallbacks,
- uint64_t transactionId) {
+ InputWindowCommands inputWindowCommands, int64_t desiredPresentTime, bool isAutoTimestamp,
+ const std::vector<client_cache_t>& uncacheBuffers, bool hasListenerCallbacks,
+ const std::vector<ListenerCallbacks>& listenerCallbacks, uint64_t transactionId) {
ATRACE_CALL();
- uint32_t permissions =
- callingThreadHasUnscopedSurfaceFlingerAccess() ?
- layer_state_t::Permission::ACCESS_SURFACE_FLINGER : 0;
- // Avoid checking for rotation permissions if the caller already has ACCESS_SURFACE_FLINGER
- // permissions.
- if ((permissions & layer_state_t::Permission::ACCESS_SURFACE_FLINGER) ||
- callingThreadHasPermission(sRotateSurfaceFlinger)) {
- permissions |= layer_state_t::Permission::ROTATE_SURFACE_FLINGER;
+ IPCThreadState* ipc = IPCThreadState::self();
+ const int originPid = ipc->getCallingPid();
+ const int originUid = ipc->getCallingUid();
+ uint32_t permissions = LayerStatePermissions::getTransactionPermissions(originPid, originUid);
+ for (auto composerState : states) {
+ composerState.state.sanitize(permissions);
}
- if (callingThreadHasPermission(sInternalSystemWindow)) {
- permissions |= layer_state_t::Permission::INTERNAL_SYSTEM_WINDOW;
+ for (DisplayState display : displays) {
+ display.sanitize(permissions);
+ }
+
+ if (!inputWindowCommands.empty() &&
+ (permissions & layer_state_t::Permission::ACCESS_SURFACE_FLINGER) == 0) {
+ ALOGE("Only privileged callers are allowed to send input commands.");
+ inputWindowCommands.clear();
}
if (flags & (eEarlyWakeupStart | eEarlyWakeupEnd)) {
@@ -4426,10 +4430,6 @@
const int64_t postTime = systemTime();
- IPCThreadState* ipc = IPCThreadState::self();
- const int originPid = ipc->getCallingPid();
- const int originUid = ipc->getCallingUid();
-
std::vector<uint64_t> uncacheBufferIds;
uncacheBufferIds.reserve(uncacheBuffers.size());
for (const auto& uncacheBuffer : uncacheBuffers) {
@@ -4476,12 +4476,11 @@
displays,
flags,
applyToken,
- inputWindowCommands,
+ std::move(inputWindowCommands),
desiredPresentTime,
isAutoTimestamp,
std::move(uncacheBufferIds),
postTime,
- permissions,
hasListenerCallbacks,
listenerCallbacks,
originPid,
@@ -4510,14 +4509,12 @@
const InputWindowCommands& inputWindowCommands,
const int64_t desiredPresentTime, bool isAutoTimestamp,
const std::vector<uint64_t>& uncacheBufferIds,
- const int64_t postTime, uint32_t permissions,
- bool hasListenerCallbacks,
+ const int64_t postTime, bool hasListenerCallbacks,
const std::vector<ListenerCallbacks>& listenerCallbacks,
int originPid, int originUid, uint64_t transactionId) {
uint32_t transactionFlags = 0;
if (!mLayerLifecycleManagerEnabled) {
for (DisplayState& display : displays) {
- display.sanitize(permissions);
transactionFlags |= setDisplayStateLocked(display);
}
}
@@ -4534,12 +4531,12 @@
if (mLegacyFrontEndEnabled) {
clientStateFlags |=
setClientStateLocked(frameTimelineInfo, resolvedState, desiredPresentTime,
- isAutoTimestamp, postTime, permissions, transactionId);
+ isAutoTimestamp, postTime, transactionId);
} else /*mLayerLifecycleManagerEnabled*/ {
clientStateFlags |= updateLayerCallbacksAndStats(frameTimelineInfo, resolvedState,
desiredPresentTime, isAutoTimestamp,
- postTime, permissions, transactionId);
+ postTime, transactionId);
}
if ((flags & eAnimation) && resolvedState.state.surface) {
if (const auto layer = LayerHandle::getLayer(resolvedState.state.surface)) {
@@ -4556,12 +4553,7 @@
}
transactionFlags |= clientStateFlags;
-
- if (permissions & layer_state_t::Permission::ACCESS_SURFACE_FLINGER) {
- transactionFlags |= addInputWindowCommands(inputWindowCommands);
- } else if (!inputWindowCommands.empty()) {
- ALOGE("Only privileged callers are allowed to send input commands.");
- }
+ transactionFlags |= addInputWindowCommands(inputWindowCommands);
for (uint64_t uncacheBufferId : uncacheBufferIds) {
mBufferIdsToUncache.push_back(uncacheBufferId);
@@ -4598,7 +4590,6 @@
uint32_t transactionFlags = 0;
for (auto& transaction : transactions) {
for (DisplayState& display : transaction.displays) {
- display.sanitize(transaction.permissions);
transactionFlags |= setDisplayStateLocked(display);
}
}
@@ -4697,10 +4688,8 @@
uint32_t SurfaceFlinger::setClientStateLocked(const FrameTimelineInfo& frameTimelineInfo,
ResolvedComposerState& composerState,
int64_t desiredPresentTime, bool isAutoTimestamp,
- int64_t postTime, uint32_t permissions,
- uint64_t transactionId) {
+ int64_t postTime, uint64_t transactionId) {
layer_state_t& s = composerState.state;
- s.sanitize(permissions);
std::vector<ListenerCallbacks> filteredListeners;
for (auto& listener : s.listeners) {
@@ -5049,10 +5038,8 @@
ResolvedComposerState& composerState,
int64_t desiredPresentTime,
bool isAutoTimestamp, int64_t postTime,
- uint32_t permissions,
uint64_t transactionId) {
layer_state_t& s = composerState.state;
- s.sanitize(permissions);
std::vector<ListenerCallbacks> filteredListeners;
for (auto& listener : s.listeners) {
@@ -5334,7 +5321,6 @@
const nsecs_t now = systemTime();
state.desiredPresentTime = now;
state.postTime = now;
- state.permissions = layer_state_t::ACCESS_SURFACE_FLINGER;
state.originPid = mPid;
state.originUid = static_cast<int>(getuid());
const uint64_t transactionId = (static_cast<uint64_t>(mPid) << 32) | mUniqueTransactionId++;
diff --git a/services/surfaceflinger/SurfaceFlinger.h b/services/surfaceflinger/SurfaceFlinger.h
index 96e7bc8..1db2ab6 100644
--- a/services/surfaceflinger/SurfaceFlinger.h
+++ b/services/surfaceflinger/SurfaceFlinger.h
@@ -511,7 +511,7 @@
status_t setTransactionState(const FrameTimelineInfo& frameTimelineInfo,
Vector<ComposerState>& state, const Vector<DisplayState>& displays,
uint32_t flags, const sp<IBinder>& applyToken,
- const InputWindowCommands& inputWindowCommands,
+ InputWindowCommands inputWindowCommands,
int64_t desiredPresentTime, bool isAutoTimestamp,
const std::vector<client_cache_t>& uncacheBuffers,
bool hasListenerCallbacks,
@@ -731,14 +731,16 @@
/*
* Transactions
*/
- bool applyTransactionState(
- const FrameTimelineInfo& info, std::vector<ResolvedComposerState>& state,
- Vector<DisplayState>& displays, uint32_t flags,
- const InputWindowCommands& inputWindowCommands, const int64_t desiredPresentTime,
- bool isAutoTimestamp, const std::vector<uint64_t>& uncacheBufferIds,
- const int64_t postTime, uint32_t permissions, bool hasListenerCallbacks,
- const std::vector<ListenerCallbacks>& listenerCallbacks, int originPid, int originUid,
- uint64_t transactionId) REQUIRES(mStateLock);
+ bool applyTransactionState(const FrameTimelineInfo& info,
+ std::vector<ResolvedComposerState>& state,
+ Vector<DisplayState>& displays, uint32_t flags,
+ const InputWindowCommands& inputWindowCommands,
+ const int64_t desiredPresentTime, bool isAutoTimestamp,
+ const std::vector<uint64_t>& uncacheBufferIds,
+ const int64_t postTime, bool hasListenerCallbacks,
+ const std::vector<ListenerCallbacks>& listenerCallbacks,
+ int originPid, int originUid, uint64_t transactionId)
+ REQUIRES(mStateLock);
// Flush pending transactions that were presented after desiredPresentTime.
// For test only
bool flushTransactionQueues(VsyncId) REQUIRES(kMainThreadContext);
@@ -759,12 +761,11 @@
uint32_t setClientStateLocked(const FrameTimelineInfo&, ResolvedComposerState&,
int64_t desiredPresentTime, bool isAutoTimestamp,
- int64_t postTime, uint32_t permissions, uint64_t transactionId)
- REQUIRES(mStateLock);
+ int64_t postTime, uint64_t transactionId) REQUIRES(mStateLock);
uint32_t updateLayerCallbacksAndStats(const FrameTimelineInfo&, ResolvedComposerState&,
int64_t desiredPresentTime, bool isAutoTimestamp,
- int64_t postTime, uint32_t permissions,
- uint64_t transactionId) REQUIRES(mStateLock);
+ int64_t postTime, uint64_t transactionId)
+ REQUIRES(mStateLock);
uint32_t getTransactionFlags() const;
// Sets the masked bits, and schedules a commit if needed.
diff --git a/services/surfaceflinger/TransactionState.h b/services/surfaceflinger/TransactionState.h
index 35c8b6c..62a7dfd 100644
--- a/services/surfaceflinger/TransactionState.h
+++ b/services/surfaceflinger/TransactionState.h
@@ -54,7 +54,7 @@
const Vector<DisplayState>& displayStates, uint32_t transactionFlags,
const sp<IBinder>& applyToken, const InputWindowCommands& inputWindowCommands,
int64_t desiredPresentTime, bool isAutoTimestamp,
- std::vector<uint64_t> uncacheBufferIds, int64_t postTime, uint32_t permissions,
+ std::vector<uint64_t> uncacheBufferIds, int64_t postTime,
bool hasListenerCallbacks, std::vector<ListenerCallbacks> listenerCallbacks,
int originPid, int originUid, uint64_t transactionId)
: frameTimelineInfo(frameTimelineInfo),
@@ -67,7 +67,6 @@
isAutoTimestamp(isAutoTimestamp),
uncacheBufferIds(std::move(uncacheBufferIds)),
postTime(postTime),
- permissions(permissions),
hasListenerCallbacks(hasListenerCallbacks),
listenerCallbacks(listenerCallbacks),
originPid(originPid),
@@ -126,7 +125,6 @@
bool isAutoTimestamp;
std::vector<uint64_t> uncacheBufferIds;
int64_t postTime;
- uint32_t permissions;
bool hasListenerCallbacks;
std::vector<ListenerCallbacks> listenerCallbacks;
int originPid;
diff --git a/services/surfaceflinger/tests/Credentials_test.cpp b/services/surfaceflinger/tests/Credentials_test.cpp
index 4a45eb5..69e9a16 100644
--- a/services/surfaceflinger/tests/Credentials_test.cpp
+++ b/services/surfaceflinger/tests/Credentials_test.cpp
@@ -31,6 +31,7 @@
#include <utils/String8.h>
#include <functional>
#include "utils/ScreenshotUtils.h"
+#include "utils/WindowInfosListenerUtils.h"
namespace android {
@@ -378,6 +379,58 @@
ASSERT_NE(static_cast<ColorMode>(BAD_VALUE), colorMode);
}
+TEST_F(CredentialsTest, TransactionPermissionTest) {
+ WindowInfosListenerUtils windowInfosListenerUtils;
+ std::string name = "Test Layer";
+ sp<IBinder> token = sp<BBinder>::make();
+ WindowInfo windowInfo;
+ windowInfo.name = name;
+ windowInfo.token = token;
+ sp<SurfaceControl> surfaceControl =
+ mComposerClient->createSurface(String8(name.c_str()), 100, 100, PIXEL_FORMAT_RGBA_8888,
+ ISurfaceComposerClient::eFXSurfaceBufferState);
+ const Rect crop(0, 0, 100, 100);
+ {
+ UIDFaker f(AID_SYSTEM);
+ Transaction()
+ .setLayerStack(surfaceControl, ui::DEFAULT_LAYER_STACK)
+ .show(surfaceControl)
+ .setLayer(surfaceControl, INT32_MAX - 1)
+ .setCrop(surfaceControl, crop)
+ .setInputWindowInfo(surfaceControl, windowInfo)
+ .apply();
+ }
+
+ // Called from non privileged process
+ Transaction().setTrustedOverlay(surfaceControl, true);
+ {
+ UIDFaker f(AID_SYSTEM);
+ auto windowIsPresentAndNotTrusted = [&](const std::vector<WindowInfo>& windowInfos) {
+ auto foundWindowInfo =
+ WindowInfosListenerUtils::findMatchingWindowInfo(windowInfo, windowInfos);
+ if (!foundWindowInfo) {
+ return false;
+ }
+ return !foundWindowInfo->inputConfig.test(WindowInfo::InputConfig::TRUSTED_OVERLAY);
+ };
+ windowInfosListenerUtils.waitForWindowInfosPredicate(windowIsPresentAndNotTrusted);
+ }
+
+ {
+ UIDFaker f(AID_SYSTEM);
+ Transaction().setTrustedOverlay(surfaceControl, true);
+ auto windowIsPresentAndTrusted = [&](const std::vector<WindowInfo>& windowInfos) {
+ auto foundWindowInfo =
+ WindowInfosListenerUtils::findMatchingWindowInfo(windowInfo, windowInfos);
+ if (!foundWindowInfo) {
+ return false;
+ }
+ return foundWindowInfo->inputConfig.test(WindowInfo::InputConfig::TRUSTED_OVERLAY);
+ };
+ windowInfosListenerUtils.waitForWindowInfosPredicate(windowIsPresentAndTrusted);
+ }
+}
+
} // namespace android
// TODO(b/129481165): remove the #pragma below and fix conversion issues
diff --git a/services/surfaceflinger/tests/WindowInfosListener_test.cpp b/services/surfaceflinger/tests/WindowInfosListener_test.cpp
index 3f27360..ad9a674 100644
--- a/services/surfaceflinger/tests/WindowInfosListener_test.cpp
+++ b/services/surfaceflinger/tests/WindowInfosListener_test.cpp
@@ -20,11 +20,13 @@
#include <private/android_filesystem_config.h>
#include <cstdint>
#include <future>
+#include "utils/WindowInfosListenerUtils.h"
namespace android {
using Transaction = SurfaceComposerClient::Transaction;
using gui::DisplayInfo;
using gui::WindowInfo;
+constexpr auto findMatchingWindowInfo = WindowInfosListenerUtils::findMatchingWindowInfo;
using WindowInfosPredicate = std::function<bool(const std::vector<WindowInfo>&)>;
@@ -37,45 +39,14 @@
void TearDown() override { seteuid(AID_ROOT); }
- struct WindowInfosListener : public gui::WindowInfosListener {
- public:
- WindowInfosListener(WindowInfosPredicate predicate, std::promise<void>& promise)
- : mPredicate(std::move(predicate)), mPromise(promise) {}
-
- void onWindowInfosChanged(const gui::WindowInfosUpdate& update) override {
- if (mPredicate(update.windowInfos)) {
- mPromise.set_value();
- }
- }
-
- private:
- WindowInfosPredicate mPredicate;
- std::promise<void>& mPromise;
- };
-
sp<SurfaceComposerClient> mClient;
+ WindowInfosListenerUtils mWindowInfosListenerUtils;
- bool waitForWindowInfosPredicate(WindowInfosPredicate predicate) {
- std::promise<void> promise;
- auto listener = sp<WindowInfosListener>::make(std::move(predicate), promise);
- mClient->addWindowInfosListener(listener);
- auto future = promise.get_future();
- bool satisfied = future.wait_for(std::chrono::seconds{1}) == std::future_status::ready;
- mClient->removeWindowInfosListener(listener);
- return satisfied;
+ bool waitForWindowInfosPredicate(const WindowInfosPredicate& predicate) {
+ return mWindowInfosListenerUtils.waitForWindowInfosPredicate(std::move(predicate));
}
};
-const WindowInfo* findMatchingWindowInfo(const WindowInfo& targetWindowInfo,
- const std::vector<WindowInfo>& windowInfos) {
- for (const WindowInfo& windowInfo : windowInfos) {
- if (windowInfo.token == targetWindowInfo.token) {
- return &windowInfo;
- }
- }
- return nullptr;
-}
-
TEST_F(WindowInfosListenerTest, WindowInfoAddedAndRemoved) {
std::string name = "Test Layer";
sp<IBinder> token = sp<BBinder>::make();
diff --git a/services/surfaceflinger/tests/unittests/TransactionApplicationTest.cpp b/services/surfaceflinger/tests/unittests/TransactionApplicationTest.cpp
index dbb7c6c..6a641b3 100644
--- a/services/surfaceflinger/tests/unittests/TransactionApplicationTest.cpp
+++ b/services/surfaceflinger/tests/unittests/TransactionApplicationTest.cpp
@@ -386,7 +386,7 @@
transaction.applyToken,
transaction.inputWindowCommands,
transaction.desiredPresentTime,
- transaction.isAutoTimestamp, {}, systemTime(), 0,
+ transaction.isAutoTimestamp, {}, systemTime(),
mHasListenerCallbacks, mCallbacks, getpid(),
static_cast<int>(getuid()), transaction.id);
mFlinger.setTransactionStateInternal(transactionState);
diff --git a/services/surfaceflinger/tests/utils/WindowInfosListenerUtils.h b/services/surfaceflinger/tests/utils/WindowInfosListenerUtils.h
new file mode 100644
index 0000000..8e28a75
--- /dev/null
+++ b/services/surfaceflinger/tests/utils/WindowInfosListenerUtils.h
@@ -0,0 +1,74 @@
+/*
+ * Copyright 2023 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <gtest/gtest.h>
+#include <gui/SurfaceComposerClient.h>
+#include <private/android_filesystem_config.h>
+#include <cstdint>
+#include <future>
+
+namespace android {
+using Transaction = SurfaceComposerClient::Transaction;
+using gui::DisplayInfo;
+using gui::WindowInfo;
+
+using WindowInfosPredicate = std::function<bool(const std::vector<WindowInfo>&)>;
+
+class WindowInfosListenerUtils {
+public:
+ WindowInfosListenerUtils() { mClient = sp<SurfaceComposerClient>::make(); }
+
+ bool waitForWindowInfosPredicate(const WindowInfosPredicate& predicate) {
+ std::promise<void> promise;
+ auto listener = sp<WindowInfosListener>::make(std::move(predicate), promise);
+ mClient->addWindowInfosListener(listener);
+ auto future = promise.get_future();
+ bool satisfied = future.wait_for(std::chrono::seconds{1}) == std::future_status::ready;
+ mClient->removeWindowInfosListener(listener);
+ return satisfied;
+ }
+
+ static const WindowInfo* findMatchingWindowInfo(const WindowInfo& targetWindowInfo,
+ const std::vector<WindowInfo>& windowInfos) {
+ for (const WindowInfo& windowInfo : windowInfos) {
+ if (windowInfo.token == targetWindowInfo.token) {
+ return &windowInfo;
+ }
+ }
+ return nullptr;
+ }
+
+private:
+ struct WindowInfosListener : public gui::WindowInfosListener {
+ public:
+ WindowInfosListener(WindowInfosPredicate predicate, std::promise<void>& promise)
+ : mPredicate(std::move(predicate)), mPromise(promise) {}
+
+ void onWindowInfosChanged(const gui::WindowInfosUpdate& update) override {
+ if (mPredicate(update.windowInfos)) {
+ mPromise.set_value();
+ }
+ }
+
+ private:
+ WindowInfosPredicate mPredicate;
+ std::promise<void>& mPromise;
+ };
+
+ sp<SurfaceComposerClient> mClient;
+};
+
+} // namespace android