SurfaceFlinger: add a backdoor to override display config
To generate a config change (and override all other config changes):
adb shell service call SurfaceFlinger 1035 i32 <config_id>
To disable backdoor override:
adb shell service call SurfaceFlinger 1035 i32 -1
Test: change configs from backdoor
Fixes: 130044117
Change-Id: Iab5a4ca4866139946ca3f8a6ac78fa9e13fe6d00
diff --git a/services/surfaceflinger/SurfaceFlinger.cpp b/services/surfaceflinger/SurfaceFlinger.cpp
index bd3f156..fb0c712 100644
--- a/services/surfaceflinger/SurfaceFlinger.cpp
+++ b/services/surfaceflinger/SurfaceFlinger.cpp
@@ -5007,7 +5007,7 @@
}
// Numbers from 1000 to 1034 are currently used for backdoors. The code
// in onTransact verifies that the user is root, and has access to use SF.
- if (code >= 1000 && code <= 1034) {
+ if (code >= 1000 && code <= 1035) {
ALOGV("Accessing SurfaceFlinger through backdoor code: %u", code);
return OK;
}
@@ -5330,6 +5330,19 @@
}
return NO_ERROR;
}
+ case 1035: {
+ n = data.readInt32();
+ mDebugDisplayConfigSetByBackdoor = false;
+ if (n >= 0) {
+ const auto displayToken = getInternalDisplayToken();
+ status_t result = setAllowedDisplayConfigs(displayToken, {n});
+ if (result != NO_ERROR) {
+ return result;
+ }
+ mDebugDisplayConfigSetByBackdoor = true;
+ }
+ return NO_ERROR;
+ }
}
}
return err;
@@ -5846,6 +5859,11 @@
return BAD_VALUE;
}
+ if (mDebugDisplayConfigSetByBackdoor) {
+ // ignore this request as config is overridden by backdoor
+ return NO_ERROR;
+ }
+
postMessageSync(new LambdaMessage([&]() NO_THREAD_SAFETY_ANALYSIS {
const auto display = getDisplayDeviceLocked(displayToken);
if (!display) {