Add mechanism for a task's windows to be trusted overlays (SF)
- Add a layer state to indicate that this layer and its children
in the hierarchy are trusted. This can only be set by callers
holding ACCESS_SURFACE_FLINGER, and will be used for the PIP
task layer to indicate that activities in PIP are trusted (as
they are controlled only by the user and SystemUI)
Bug: 191529039
Bug: 196389741
Test: TBD
Change-Id: Id92ccb087bd0d8dbaeeef3ba50b67fe015e53db8
Merged-In: Id92ccb087bd0d8dbaeeef3ba50b67fe015e53db8
diff --git a/services/surfaceflinger/SurfaceFlinger.cpp b/services/surfaceflinger/SurfaceFlinger.cpp
index 4a60d5c..4947210 100644
--- a/services/surfaceflinger/SurfaceFlinger.cpp
+++ b/services/surfaceflinger/SurfaceFlinger.cpp
@@ -3858,6 +3858,15 @@
flags |= eTraversalNeeded | eTransformHintUpdateNeeded;
}
}
+ if (what & layer_state_t::eTrustedOverlayChanged) {
+ if (privileged) {
+ if (layer->setTrustedOverlay(s.isTrustedOverlay)) {
+ flags |= eTraversalNeeded;
+ }
+ } else {
+ ALOGE("Attempt to set trusted overlay without permission ACCESS_SURFACE_FLINGER");
+ }
+ }
// This has to happen after we reparent children because when we reparent to null we remove
// child layers from current state and remove its relative z. If the children are reparented in
// the same transaction, then we have to make sure we reparent the children first so we do not