Loading camera/camera_platform.aconfig +10 −0 Original line number Diff line number Diff line Loading @@ -160,3 +160,13 @@ flag { bug: "297083874" } flag { namespace: "camera_platform" name: "cache_permission_services" description: "Cache IPermissionController and IPermissionChecker in CameraService to reduce query latency." bug: "326139956" metadata { purpose: PURPOSE_BUGFIX } } services/camera/libcameraservice/CameraService.cpp +20 −5 Original line number Diff line number Diff line Loading @@ -2309,16 +2309,31 @@ bool CameraService::isCameraPrivacyEnabled(const String16& packageName, const st std::string CameraService::getPackageNameFromUid(int clientUid) { std::string packageName(""); sp<IPermissionController> permCtrl; if (flags::cache_permission_services()) { permCtrl = getPermissionController(); } else { sp<IServiceManager> sm = defaultServiceManager(); #pragma clang diagnostic push #pragma clang diagnostic ignored "-Wdeprecated-declarations" // Using deprecated function to preserve functionality until the // cache_permission_services flag is removed. sp<IBinder> binder = sm->getService(toString16(kPermissionServiceName)); #pragma clang diagnostic pop if (binder == 0) { ALOGE("Cannot get permission service"); permCtrl = nullptr; } else { permCtrl = interface_cast<IPermissionController>(binder); } } if (permCtrl == nullptr) { // Return empty package name and the further interaction // with camera will likely fail return packageName; } sp<IPermissionController> permCtrl = interface_cast<IPermissionController>(binder); Vector<String16> packages; permCtrl->getPackagesForUid(clientUid, packages); Loading services/camera/libcameraservice/CameraService.h +21 −1 Original line number Diff line number Diff line Loading @@ -34,6 +34,7 @@ #include <binder/IServiceManager.h> #include <binder/IActivityManager.h> #include <binder/IAppOpsCallback.h> #include <binder/IPermissionController.h> #include <binder/IUidObserver.h> #include <hardware/camera.h> #include <sensorprivacy/SensorPrivacyManager.h> Loading Loading @@ -675,6 +676,25 @@ private: return activityManager; } static const sp<IPermissionController>& getPermissionController() { static const char* kPermissionControllerService = "permission"; static thread_local sp<IPermissionController> sPermissionController = nullptr; if (sPermissionController == nullptr || !IInterface::asBinder(sPermissionController)->isBinderAlive()) { sp<IServiceManager> sm = defaultServiceManager(); sp<IBinder> binder = sm->checkService(toString16(kPermissionControllerService)); if (binder == nullptr) { ALOGE("%s: Could not get permission service", __FUNCTION__); sPermissionController = nullptr; } else { sPermissionController = interface_cast<IPermissionController>(binder); } } return sPermissionController; } /** * Typesafe version of device status, containing both the HAL-layer and the service interface- * layer values. Loading services/camera/libcameraservice/utils/AttributionAndPermissionUtils.cpp +13 −3 Original line number Diff line number Diff line Loading @@ -18,6 +18,7 @@ #include <binder/AppOpsManager.h> #include <binder/PermissionController.h> #include <com_android_internal_camera_flags.h> #include <cutils/properties.h> #include <private/android_filesystem_config.h> Loading @@ -26,6 +27,8 @@ namespace android { namespace flags = com::android::internal::camera::flags; const std::string AttributionAndPermissionUtils::sDumpPermission("android.permission.DUMP"); const std::string AttributionAndPermissionUtils::sManageCameraPermission( "android.permission.MANAGE_CAMERA"); Loading Loading @@ -75,9 +78,16 @@ bool AttributionAndPermissionUtils::checkPermissionForPreflight(const std::strin return true; } if (!flags::cache_permission_services()) { PermissionChecker permissionChecker; return permissionChecker.checkPermissionForPreflight(toString16(permission), attributionSource, toString16(message), attributedOpCode) != PermissionChecker::PERMISSION_HARD_DENIED; return permissionChecker.checkPermissionForPreflight( toString16(permission), attributionSource, toString16(message), attributedOpCode) != PermissionChecker::PERMISSION_HARD_DENIED; } else { return mPermissionChecker->checkPermissionForPreflight( toString16(permission), attributionSource, toString16(message), attributedOpCode) != PermissionChecker::PERMISSION_HARD_DENIED; } } // Can camera service trust the caller based on the calling UID? Loading services/camera/libcameraservice/utils/AttributionAndPermissionUtils.h +6 −2 Original line number Diff line number Diff line Loading @@ -95,6 +95,10 @@ protected: bool checkAutomotivePrivilegedClient(const std::string &cameraId, const AttributionSourceState &attributionSource); private: std::unique_ptr<permission::PermissionChecker> mPermissionChecker = std::make_unique<permission::PermissionChecker>(); }; /** Loading Loading
camera/camera_platform.aconfig +10 −0 Original line number Diff line number Diff line Loading @@ -160,3 +160,13 @@ flag { bug: "297083874" } flag { namespace: "camera_platform" name: "cache_permission_services" description: "Cache IPermissionController and IPermissionChecker in CameraService to reduce query latency." bug: "326139956" metadata { purpose: PURPOSE_BUGFIX } }
services/camera/libcameraservice/CameraService.cpp +20 −5 Original line number Diff line number Diff line Loading @@ -2309,16 +2309,31 @@ bool CameraService::isCameraPrivacyEnabled(const String16& packageName, const st std::string CameraService::getPackageNameFromUid(int clientUid) { std::string packageName(""); sp<IPermissionController> permCtrl; if (flags::cache_permission_services()) { permCtrl = getPermissionController(); } else { sp<IServiceManager> sm = defaultServiceManager(); #pragma clang diagnostic push #pragma clang diagnostic ignored "-Wdeprecated-declarations" // Using deprecated function to preserve functionality until the // cache_permission_services flag is removed. sp<IBinder> binder = sm->getService(toString16(kPermissionServiceName)); #pragma clang diagnostic pop if (binder == 0) { ALOGE("Cannot get permission service"); permCtrl = nullptr; } else { permCtrl = interface_cast<IPermissionController>(binder); } } if (permCtrl == nullptr) { // Return empty package name and the further interaction // with camera will likely fail return packageName; } sp<IPermissionController> permCtrl = interface_cast<IPermissionController>(binder); Vector<String16> packages; permCtrl->getPackagesForUid(clientUid, packages); Loading
services/camera/libcameraservice/CameraService.h +21 −1 Original line number Diff line number Diff line Loading @@ -34,6 +34,7 @@ #include <binder/IServiceManager.h> #include <binder/IActivityManager.h> #include <binder/IAppOpsCallback.h> #include <binder/IPermissionController.h> #include <binder/IUidObserver.h> #include <hardware/camera.h> #include <sensorprivacy/SensorPrivacyManager.h> Loading Loading @@ -675,6 +676,25 @@ private: return activityManager; } static const sp<IPermissionController>& getPermissionController() { static const char* kPermissionControllerService = "permission"; static thread_local sp<IPermissionController> sPermissionController = nullptr; if (sPermissionController == nullptr || !IInterface::asBinder(sPermissionController)->isBinderAlive()) { sp<IServiceManager> sm = defaultServiceManager(); sp<IBinder> binder = sm->checkService(toString16(kPermissionControllerService)); if (binder == nullptr) { ALOGE("%s: Could not get permission service", __FUNCTION__); sPermissionController = nullptr; } else { sPermissionController = interface_cast<IPermissionController>(binder); } } return sPermissionController; } /** * Typesafe version of device status, containing both the HAL-layer and the service interface- * layer values. Loading
services/camera/libcameraservice/utils/AttributionAndPermissionUtils.cpp +13 −3 Original line number Diff line number Diff line Loading @@ -18,6 +18,7 @@ #include <binder/AppOpsManager.h> #include <binder/PermissionController.h> #include <com_android_internal_camera_flags.h> #include <cutils/properties.h> #include <private/android_filesystem_config.h> Loading @@ -26,6 +27,8 @@ namespace android { namespace flags = com::android::internal::camera::flags; const std::string AttributionAndPermissionUtils::sDumpPermission("android.permission.DUMP"); const std::string AttributionAndPermissionUtils::sManageCameraPermission( "android.permission.MANAGE_CAMERA"); Loading Loading @@ -75,9 +78,16 @@ bool AttributionAndPermissionUtils::checkPermissionForPreflight(const std::strin return true; } if (!flags::cache_permission_services()) { PermissionChecker permissionChecker; return permissionChecker.checkPermissionForPreflight(toString16(permission), attributionSource, toString16(message), attributedOpCode) != PermissionChecker::PERMISSION_HARD_DENIED; return permissionChecker.checkPermissionForPreflight( toString16(permission), attributionSource, toString16(message), attributedOpCode) != PermissionChecker::PERMISSION_HARD_DENIED; } else { return mPermissionChecker->checkPermissionForPreflight( toString16(permission), attributionSource, toString16(message), attributedOpCode) != PermissionChecker::PERMISSION_HARD_DENIED; } } // Can camera service trust the caller based on the calling UID? Loading
services/camera/libcameraservice/utils/AttributionAndPermissionUtils.h +6 −2 Original line number Diff line number Diff line Loading @@ -95,6 +95,10 @@ protected: bool checkAutomotivePrivilegedClient(const std::string &cameraId, const AttributionSourceState &attributionSource); private: std::unique_ptr<permission::PermissionChecker> mPermissionChecker = std::make_unique<permission::PermissionChecker>(); }; /** Loading
