Merge "Fix RenderArea use after free error"
diff --git a/services/sensorservice/SensorEventConnection.cpp b/services/sensorservice/SensorEventConnection.cpp
index a3a62a1..b94b1c0 100644
--- a/services/sensorservice/SensorEventConnection.cpp
+++ b/services/sensorservice/SensorEventConnection.cpp
@@ -82,7 +82,7 @@
void SensorService::SensorEventConnection::dump(String8& result) {
Mutex::Autolock _l(mConnectionLock);
result.appendFormat("\tOperating Mode: ");
- if (!mService->isWhiteListedPackage(getPackageName())) {
+ if (!mService->isAllowListedPackage(getPackageName())) {
result.append("RESTRICTED\n");
} else if (mDataInjectionMode) {
result.append("DATA_INJECTION\n");
@@ -124,7 +124,7 @@
using namespace service::SensorEventConnectionProto;
Mutex::Autolock _l(mConnectionLock);
- if (!mService->isWhiteListedPackage(getPackageName())) {
+ if (!mService->isAllowListedPackage(getPackageName())) {
proto->write(OPERATING_MODE, OP_MODE_RESTRICTED);
} else if (mDataInjectionMode) {
proto->write(OPERATING_MODE, OP_MODE_DATA_INJECTION);
@@ -850,7 +850,7 @@
// Unregister call backs.
return 0;
}
- if (!mService->isWhiteListedPackage(mPackageName)) {
+ if (!mService->isAllowListedPackage(mPackageName)) {
ALOGE("App not allowed to inject data, dropping event"
"package=%s uid=%d", mPackageName.string(), mUid);
return 0;
diff --git a/services/sensorservice/SensorService.cpp b/services/sensorservice/SensorService.cpp
index 0cfc72f..5c98614 100644
--- a/services/sensorservice/SensorService.cpp
+++ b/services/sensorservice/SensorService.cpp
@@ -65,6 +65,7 @@
#include <ctime>
#include <future>
+#include <string>
#include <private/android_filesystem_config.h>
@@ -548,80 +549,22 @@
if (args.size() > 2) {
return INVALID_OPERATION;
}
- ConnectionSafeAutolock connLock = mConnectionHolder.lock(mLock);
- SensorDevice& dev(SensorDevice::getInstance());
- if (args.size() == 2 && args[0] == String16("restrict")) {
- // If already in restricted mode. Ignore.
- if (mCurrentOperatingMode == RESTRICTED) {
- return status_t(NO_ERROR);
+ if (args.size() > 0) {
+ Mode targetOperatingMode = NORMAL;
+ std::string inputStringMode = String8(args[0]).string();
+ if (getTargetOperatingMode(inputStringMode, &targetOperatingMode)) {
+ status_t error = changeOperatingMode(args, targetOperatingMode);
+ // Dump the latest state only if no error was encountered.
+ if (error != NO_ERROR) {
+ return error;
+ }
}
- // If in any mode other than normal, ignore.
- if (mCurrentOperatingMode != NORMAL) {
- return INVALID_OPERATION;
- }
+ }
- mCurrentOperatingMode = RESTRICTED;
- // temporarily stop all sensor direct report and disable sensors
- disableAllSensorsLocked(&connLock);
- mWhiteListedPackage.setTo(String8(args[1]));
- return status_t(NO_ERROR);
- } else if (args.size() == 1 && args[0] == String16("enable")) {
- // If currently in restricted mode, reset back to NORMAL mode else ignore.
- if (mCurrentOperatingMode == RESTRICTED) {
- mCurrentOperatingMode = NORMAL;
- // enable sensors and recover all sensor direct report
- enableAllSensorsLocked(&connLock);
- }
- if (mCurrentOperatingMode == REPLAY_DATA_INJECTION) {
- dev.disableAllSensors();
- }
- if (mCurrentOperatingMode == DATA_INJECTION ||
- mCurrentOperatingMode == REPLAY_DATA_INJECTION) {
- resetToNormalModeLocked();
- }
- mWhiteListedPackage.clear();
- return status_t(NO_ERROR);
- } else if (args.size() == 2 && args[0] == String16("data_injection")) {
- if (mCurrentOperatingMode == NORMAL) {
- dev.disableAllSensors();
- status_t err = dev.setMode(DATA_INJECTION);
- if (err == NO_ERROR) {
- mCurrentOperatingMode = DATA_INJECTION;
- } else {
- // Re-enable sensors.
- dev.enableAllSensors();
- }
- mWhiteListedPackage.setTo(String8(args[1]));
- return NO_ERROR;
- } else if (mCurrentOperatingMode == DATA_INJECTION) {
- // Already in DATA_INJECTION mode. Treat this as a no_op.
- return NO_ERROR;
- } else {
- // Transition to data injection mode supported only from NORMAL mode.
- return INVALID_OPERATION;
- }
- } else if (args.size() == 2 && args[0] == String16("replay_data_injection")
- && !SensorServiceUtil::isUserBuild()) {
- if (mCurrentOperatingMode == NORMAL) {
- dev.disableAllSensors();
- // Use DATA_INJECTION here since this value goes to the HAL and the HAL doesn't
- // have an understanding of replay vs. normal data injection.
- status_t err = dev.setMode(DATA_INJECTION);
- if (err == NO_ERROR) {
- mCurrentOperatingMode = REPLAY_DATA_INJECTION;
- }
- // Re-enable sensors.
- dev.enableAllSensors();
- mWhiteListedPackage.setTo(String8(args[1]));
- return NO_ERROR;
- } else if (mCurrentOperatingMode == REPLAY_DATA_INJECTION) {
- // Already in REPLAY_DATA_INJECTION mode. Treat this as a no_op.
- return NO_ERROR;
- } else {
- // Transition to data injection mode supported only from NORMAL mode.
- return INVALID_OPERATION;
- }
- } else if (args.size() == 1 && args[0] == String16("--proto")) {
+ ConnectionSafeAutolock connLock = mConnectionHolder.lock(mLock);
+ // Run the following logic if a transition isn't requested above based on the input
+ // argument parsing.
+ if (args.size() == 1 && args[0] == String16("--proto")) {
return dumpProtoLocked(fd, &connLock);
} else if (!mSensors.hasAnySensor()) {
result.append("No Sensors on the device\n");
@@ -680,14 +623,14 @@
result.appendFormat(" NORMAL\n");
break;
case RESTRICTED:
- result.appendFormat(" RESTRICTED : %s\n", mWhiteListedPackage.string());
+ result.appendFormat(" RESTRICTED : %s\n", mAllowListedPackage.string());
break;
case DATA_INJECTION:
- result.appendFormat(" DATA_INJECTION : %s\n", mWhiteListedPackage.string());
+ result.appendFormat(" DATA_INJECTION : %s\n", mAllowListedPackage.string());
break;
case REPLAY_DATA_INJECTION:
result.appendFormat(" REPLAY_DATA_INJECTION : %s\n",
- mWhiteListedPackage.string());
+ mAllowListedPackage.string());
break;
default:
result.appendFormat(" UNKNOWN\n");
@@ -809,11 +752,11 @@
break;
case RESTRICTED:
proto.write(OPERATING_MODE, OP_MODE_RESTRICTED);
- proto.write(WHITELISTED_PACKAGE, std::string(mWhiteListedPackage.string()));
+ proto.write(WHITELISTED_PACKAGE, std::string(mAllowListedPackage.string()));
break;
case DATA_INJECTION:
proto.write(OPERATING_MODE, OP_MODE_DATA_INJECTION);
- proto.write(WHITELISTED_PACKAGE, std::string(mWhiteListedPackage.string()));
+ proto.write(WHITELISTED_PACKAGE, std::string(mAllowListedPackage.string()));
break;
default:
proto.write(OPERATING_MODE, OP_MODE_UNKNOWN);
@@ -1545,7 +1488,7 @@
// operating in DI mode.
if (requestedMode == DATA_INJECTION) {
if (mCurrentOperatingMode != DATA_INJECTION) return nullptr;
- if (!isWhiteListedPackage(packageName)) return nullptr;
+ if (!isAllowListedPackage(packageName)) return nullptr;
}
uid_t uid = IPCThreadState::self()->getCallingUid();
@@ -1918,7 +1861,7 @@
ConnectionSafeAutolock connLock = mConnectionHolder.lock(mLock);
if (mCurrentOperatingMode != NORMAL && mCurrentOperatingMode != REPLAY_DATA_INJECTION &&
- !isWhiteListedPackage(connection->getPackageName())) {
+ !isAllowListedPackage(connection->getPackageName())) {
return INVALID_OPERATION;
}
@@ -2266,6 +2209,95 @@
}
}
+bool SensorService::getTargetOperatingMode(const std::string &inputString, Mode *targetModeOut) {
+ if (inputString == std::string("restrict")) {
+ *targetModeOut = RESTRICTED;
+ return true;
+ }
+ if (inputString == std::string("enable")) {
+ *targetModeOut = NORMAL;
+ return true;
+ }
+ if (inputString == std::string("data_injection")) {
+ *targetModeOut = DATA_INJECTION;
+ return true;
+ }
+ if (inputString == std::string("replay_data_injection")) {
+ *targetModeOut = REPLAY_DATA_INJECTION;
+ return true;
+ }
+ return false;
+}
+
+status_t SensorService::changeOperatingMode(const Vector<String16>& args,
+ Mode targetOperatingMode) {
+ ConnectionSafeAutolock connLock = mConnectionHolder.lock(mLock);
+ SensorDevice& dev(SensorDevice::getInstance());
+ if (mCurrentOperatingMode == targetOperatingMode) {
+ return NO_ERROR;
+ }
+ if (targetOperatingMode != NORMAL && args.size() < 2) {
+ return INVALID_OPERATION;
+ }
+ switch (targetOperatingMode) {
+ case NORMAL:
+ // If currently in restricted mode, reset back to NORMAL mode else ignore.
+ if (mCurrentOperatingMode == RESTRICTED) {
+ mCurrentOperatingMode = NORMAL;
+ // enable sensors and recover all sensor direct report
+ enableAllSensorsLocked(&connLock);
+ }
+ if (mCurrentOperatingMode == REPLAY_DATA_INJECTION) {
+ dev.disableAllSensors();
+ }
+ if (mCurrentOperatingMode == DATA_INJECTION ||
+ mCurrentOperatingMode == REPLAY_DATA_INJECTION) {
+ resetToNormalModeLocked();
+ }
+ mAllowListedPackage.clear();
+ return status_t(NO_ERROR);
+ case RESTRICTED:
+ // If in any mode other than normal, ignore.
+ if (mCurrentOperatingMode != NORMAL) {
+ return INVALID_OPERATION;
+ }
+
+ mCurrentOperatingMode = RESTRICTED;
+ // temporarily stop all sensor direct report and disable sensors
+ disableAllSensorsLocked(&connLock);
+ mAllowListedPackage.setTo(String8(args[1]));
+ return status_t(NO_ERROR);
+ case REPLAY_DATA_INJECTION:
+ if (SensorServiceUtil::isUserBuild()) {
+ return INVALID_OPERATION;
+ }
+ FALLTHROUGH_INTENDED;
+ case DATA_INJECTION:
+ if (mCurrentOperatingMode == NORMAL) {
+ dev.disableAllSensors();
+ // Always use DATA_INJECTION here since this value goes to the HAL and the HAL
+ // doesn't have an understanding of replay vs. normal data injection.
+ status_t err = dev.setMode(DATA_INJECTION);
+ if (err == NO_ERROR) {
+ mCurrentOperatingMode = targetOperatingMode;
+ }
+ if (err != NO_ERROR || targetOperatingMode == REPLAY_DATA_INJECTION) {
+ // Re-enable sensors.
+ dev.enableAllSensors();
+ }
+ mAllowListedPackage.setTo(String8(args[1]));
+ return NO_ERROR;
+ } else {
+ // Transition to data injection mode supported only from NORMAL mode.
+ return INVALID_OPERATION;
+ }
+ break;
+ default:
+ break;
+ }
+ return NO_ERROR;
+}
+
void SensorService::checkWakeLockState() {
ConnectionSafeAutolock connLock = mConnectionHolder.lock(mLock);
checkWakeLockStateLocked(&connLock);
@@ -2295,14 +2327,14 @@
}
}
-bool SensorService::isWhiteListedPackage(const String8& packageName) {
- return (packageName.contains(mWhiteListedPackage.string()));
+bool SensorService::isAllowListedPackage(const String8& packageName) {
+ return (packageName.contains(mAllowListedPackage.string()));
}
bool SensorService::isOperationRestrictedLocked(const String16& opPackageName) {
if (mCurrentOperatingMode == RESTRICTED) {
String8 package(opPackageName);
- return !isWhiteListedPackage(package);
+ return !isAllowListedPackage(package);
}
return false;
}
diff --git a/services/sensorservice/SensorService.h b/services/sensorservice/SensorService.h
index 64bc377..0798279 100644
--- a/services/sensorservice/SensorService.h
+++ b/services/sensorservice/SensorService.h
@@ -398,6 +398,9 @@
static bool hasPermissionForSensor(const Sensor& sensor);
static int getTargetSdkVersion(const String16& opPackageName);
static void resetTargetSdkVersionCache(const String16& opPackageName);
+ // Checks if the provided target operating mode is valid and returns the enum if it is.
+ static bool getTargetOperatingMode(const std::string &inputString, Mode *targetModeOut);
+ status_t changeOperatingMode(const Vector<String16>& args, Mode targetOperatingMode);
// SensorService acquires a partial wakelock for delivering events from wake up sensors. This
// method checks whether all the events from these wake up sensors have been delivered to the
// corresponding applications, if yes the wakelock is released.
@@ -423,7 +426,7 @@
// If SensorService is operating in RESTRICTED mode, only select whitelisted packages are
// allowed to register for or call flush on sensors. Typically only cts test packages are
// allowed.
- bool isWhiteListedPackage(const String8& packageName);
+ bool isAllowListedPackage(const String8& packageName);
// Returns true if a connection with the specified opPackageName has no access to sensors
// in the RESTRICTED mode (i.e. the service is in RESTRICTED mode, and the package is not
@@ -522,7 +525,7 @@
// applications with this packageName are allowed to activate/deactivate or call flush on
// sensors. To run CTS this is can be set to ".cts." and only CTS tests will get access to
// sensors.
- String8 mWhiteListedPackage;
+ String8 mAllowListedPackage;
int mNextSensorRegIndex;
Vector<SensorRegistrationInfo> mLastNSensorRegistrations;
diff --git a/services/surfaceflinger/SurfaceFlinger.cpp b/services/surfaceflinger/SurfaceFlinger.cpp
index 2df3c22..5ceb12b 100644
--- a/services/surfaceflinger/SurfaceFlinger.cpp
+++ b/services/surfaceflinger/SurfaceFlinger.cpp
@@ -2884,15 +2884,15 @@
const auto enableFrameRateOverride = [&] {
using Config = scheduler::RefreshRateSelector::Config;
- if (!sysprop::enable_frame_rate_override(false)) {
+ if (!sysprop::enable_frame_rate_override(true)) {
return Config::FrameRateOverride::Disabled;
}
- if (sysprop::frame_rate_override_for_native_rates(true)) {
+ if (sysprop::frame_rate_override_for_native_rates(false)) {
return Config::FrameRateOverride::AppOverrideNativeRefreshRates;
}
- if (!sysprop::frame_rate_override_global(false)) {
+ if (!sysprop::frame_rate_override_global(true)) {
return Config::FrameRateOverride::AppOverride;
}