Loading camera/camera_platform.aconfig +7 −0 Original line number Original line Diff line number Diff line Loading @@ -22,6 +22,13 @@ flag { bug: "309627704" bug: "309627704" } } flag { namespace: "camera_platform" name: "watch_foreground_changes" description: "Request AppOps to notify changes in the foreground status of the client" bug: "290086710" } flag { flag { namespace: "camera_platform" namespace: "camera_platform" name: "log_ultrawide_usage" name: "log_ultrawide_usage" Loading services/camera/libcameraservice/CameraService.cpp +32 −11 Original line number Original line Diff line number Diff line Loading @@ -4288,8 +4288,15 @@ status_t CameraService::BasicClient::startCameraOps() { if (mAppOpsManager != nullptr) { if (mAppOpsManager != nullptr) { // Notify app ops that the camera is not available // Notify app ops that the camera is not available mOpsCallback = new OpsCallback(this); mOpsCallback = new OpsCallback(this); if (flags::watch_foreground_changes()) { mAppOpsManager->startWatchingMode(AppOpsManager::OP_CAMERA, toString16(mClientPackageName), AppOpsManager::WATCH_FOREGROUND_CHANGES, mOpsCallback); } else { mAppOpsManager->startWatchingMode(AppOpsManager::OP_CAMERA, mAppOpsManager->startWatchingMode(AppOpsManager::OP_CAMERA, toString16(mClientPackageName), mOpsCallback); toString16(mClientPackageName), mOpsCallback); } // Just check for camera acccess here on open - delay startOp until // Just check for camera acccess here on open - delay startOp until // camera frames start streaming in startCameraStreamingOps // camera frames start streaming in startCameraStreamingOps Loading Loading @@ -4450,6 +4457,11 @@ void CameraService::BasicClient::opChanged(int32_t op, const String16&) { } else if (res == AppOpsManager::MODE_IGNORED) { } else if (res == AppOpsManager::MODE_IGNORED) { bool isUidActive = sCameraService->mUidPolicy->isUidActive(mClientUid, mClientPackageName); bool isUidActive = sCameraService->mUidPolicy->isUidActive(mClientUid, mClientPackageName); // Uid may be active, but not visible to the user (e.g. PROCESS_STATE_FOREGROUND_SERVICE). // If not visible, but still active, then we want to block instead of muting the camera. int32_t procState = sCameraService->mUidPolicy->getProcState(mClientUid); bool isUidVisible = (procState <= ActivityManager::PROCESS_STATE_BOUND_TOP); bool isCameraPrivacyEnabled; bool isCameraPrivacyEnabled; if (flags::camera_privacy_allowlist()) { if (flags::camera_privacy_allowlist()) { isCameraPrivacyEnabled = sCameraService->isCameraPrivacyEnabled( isCameraPrivacyEnabled = sCameraService->isCameraPrivacyEnabled( Loading @@ -4460,12 +4472,20 @@ void CameraService::BasicClient::opChanged(int32_t op, const String16&) { } } ALOGI("Camera %s: Access for \"%s\" has been restricted, isUidTrusted %d, isUidActive %d" ALOGI("Camera %s: Access for \"%s\" has been restricted, isUidTrusted %d, isUidActive %d" " isCameraPrivacyEnabled %d", mCameraIdStr.c_str(), mClientPackageName.c_str(), " isUidVisible %d, isCameraPrivacyEnabled %d", mCameraIdStr.c_str(), mUidIsTrusted, isUidActive, isCameraPrivacyEnabled); mClientPackageName.c_str(), mUidIsTrusted, isUidActive, isUidVisible, // If the calling Uid is trusted (a native service), or the client Uid is active (WAR for isCameraPrivacyEnabled); // b/175320666), the AppOpsManager could return MODE_IGNORED. Do not treat such cases as // If the calling Uid is trusted (a native service), or the client Uid is active / visible // error. // (WAR for b/175320666)the AppOpsManager could return MODE_IGNORED. Do not treat such // cases as error. if (!mUidIsTrusted) { if (!mUidIsTrusted) { if (flags::watch_foreground_changes()) { if (isUidVisible && isCameraPrivacyEnabled && supportsCameraMute()) { setCameraMute(true); } else { block(); } } else { if (isUidActive && isCameraPrivacyEnabled && supportsCameraMute()) { if (isUidActive && isCameraPrivacyEnabled && supportsCameraMute()) { setCameraMute(true); setCameraMute(true); } else if (!isUidActive } else if (!isUidActive Loading @@ -4473,6 +4493,7 @@ void CameraService::BasicClient::opChanged(int32_t op, const String16&) { block(); block(); } } } } } } else if (res == AppOpsManager::MODE_ALLOWED) { } else if (res == AppOpsManager::MODE_ALLOWED) { setCameraMute(sCameraService->mOverrideCameraMuteMode); setCameraMute(sCameraService->mOverrideCameraMuteMode); } } Loading Loading
camera/camera_platform.aconfig +7 −0 Original line number Original line Diff line number Diff line Loading @@ -22,6 +22,13 @@ flag { bug: "309627704" bug: "309627704" } } flag { namespace: "camera_platform" name: "watch_foreground_changes" description: "Request AppOps to notify changes in the foreground status of the client" bug: "290086710" } flag { flag { namespace: "camera_platform" namespace: "camera_platform" name: "log_ultrawide_usage" name: "log_ultrawide_usage" Loading
services/camera/libcameraservice/CameraService.cpp +32 −11 Original line number Original line Diff line number Diff line Loading @@ -4288,8 +4288,15 @@ status_t CameraService::BasicClient::startCameraOps() { if (mAppOpsManager != nullptr) { if (mAppOpsManager != nullptr) { // Notify app ops that the camera is not available // Notify app ops that the camera is not available mOpsCallback = new OpsCallback(this); mOpsCallback = new OpsCallback(this); if (flags::watch_foreground_changes()) { mAppOpsManager->startWatchingMode(AppOpsManager::OP_CAMERA, toString16(mClientPackageName), AppOpsManager::WATCH_FOREGROUND_CHANGES, mOpsCallback); } else { mAppOpsManager->startWatchingMode(AppOpsManager::OP_CAMERA, mAppOpsManager->startWatchingMode(AppOpsManager::OP_CAMERA, toString16(mClientPackageName), mOpsCallback); toString16(mClientPackageName), mOpsCallback); } // Just check for camera acccess here on open - delay startOp until // Just check for camera acccess here on open - delay startOp until // camera frames start streaming in startCameraStreamingOps // camera frames start streaming in startCameraStreamingOps Loading Loading @@ -4450,6 +4457,11 @@ void CameraService::BasicClient::opChanged(int32_t op, const String16&) { } else if (res == AppOpsManager::MODE_IGNORED) { } else if (res == AppOpsManager::MODE_IGNORED) { bool isUidActive = sCameraService->mUidPolicy->isUidActive(mClientUid, mClientPackageName); bool isUidActive = sCameraService->mUidPolicy->isUidActive(mClientUid, mClientPackageName); // Uid may be active, but not visible to the user (e.g. PROCESS_STATE_FOREGROUND_SERVICE). // If not visible, but still active, then we want to block instead of muting the camera. int32_t procState = sCameraService->mUidPolicy->getProcState(mClientUid); bool isUidVisible = (procState <= ActivityManager::PROCESS_STATE_BOUND_TOP); bool isCameraPrivacyEnabled; bool isCameraPrivacyEnabled; if (flags::camera_privacy_allowlist()) { if (flags::camera_privacy_allowlist()) { isCameraPrivacyEnabled = sCameraService->isCameraPrivacyEnabled( isCameraPrivacyEnabled = sCameraService->isCameraPrivacyEnabled( Loading @@ -4460,12 +4472,20 @@ void CameraService::BasicClient::opChanged(int32_t op, const String16&) { } } ALOGI("Camera %s: Access for \"%s\" has been restricted, isUidTrusted %d, isUidActive %d" ALOGI("Camera %s: Access for \"%s\" has been restricted, isUidTrusted %d, isUidActive %d" " isCameraPrivacyEnabled %d", mCameraIdStr.c_str(), mClientPackageName.c_str(), " isUidVisible %d, isCameraPrivacyEnabled %d", mCameraIdStr.c_str(), mUidIsTrusted, isUidActive, isCameraPrivacyEnabled); mClientPackageName.c_str(), mUidIsTrusted, isUidActive, isUidVisible, // If the calling Uid is trusted (a native service), or the client Uid is active (WAR for isCameraPrivacyEnabled); // b/175320666), the AppOpsManager could return MODE_IGNORED. Do not treat such cases as // If the calling Uid is trusted (a native service), or the client Uid is active / visible // error. // (WAR for b/175320666)the AppOpsManager could return MODE_IGNORED. Do not treat such // cases as error. if (!mUidIsTrusted) { if (!mUidIsTrusted) { if (flags::watch_foreground_changes()) { if (isUidVisible && isCameraPrivacyEnabled && supportsCameraMute()) { setCameraMute(true); } else { block(); } } else { if (isUidActive && isCameraPrivacyEnabled && supportsCameraMute()) { if (isUidActive && isCameraPrivacyEnabled && supportsCameraMute()) { setCameraMute(true); setCameraMute(true); } else if (!isUidActive } else if (!isUidActive Loading @@ -4473,6 +4493,7 @@ void CameraService::BasicClient::opChanged(int32_t op, const String16&) { block(); block(); } } } } } } else if (res == AppOpsManager::MODE_ALLOWED) { } else if (res == AppOpsManager::MODE_ALLOWED) { setCameraMute(sCameraService->mOverrideCameraMuteMode); setCameraMute(sCameraService->mOverrideCameraMuteMode); } } Loading
