Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 6490085d authored by Shuzhen Wang's avatar Shuzhen Wang
Browse files

Camera: Handle opChanged callback with IGNORED for shell permission

- Camera CTS assumes shell permission identity to test camera.
- An opChanged() callback can still occur during a camera session even though
the opCode remains IGNORED.

If both of the above conditions are true, the camera server shouldn't revoke the camera
access. Allow camera access if the Uid is in active state.

Test: Run FastBasicsTest with forrest
Bug: 175320666
Change-Id: I1f680337ab6f5796fe57da4d20264c224bcc50f4
parent 34cee631
Loading
Loading
Loading
Loading
+12 −1
Original line number Diff line number Diff line
@@ -2932,10 +2932,21 @@ void CameraService::BasicClient::opChanged(int32_t op, const String16&) {
            res == AppOpsManager::MODE_ERRORED ? "ERRORED" :
            "UNKNOWN");

    if (res != AppOpsManager::MODE_ALLOWED) {
    if (res == AppOpsManager::MODE_ERRORED) {
        ALOGI("Camera %s: Access for \"%s\" revoked", mCameraIdStr.string(),
              String8(mClientPackageName).string());
        block();
    } else if (res == AppOpsManager::MODE_IGNORED) {
        bool isUidActive = sCameraService->mUidPolicy->isUidActive(mClientUid, mClientPackageName);
        ALOGI("Camera %s: Access for \"%s\" has been restricted, isUidTrusted %d, isUidActive %d",
                mCameraIdStr.string(), String8(mClientPackageName).string(),
                mUidIsTrusted, isUidActive);
        // If the calling Uid is trusted (a native service), or the client Uid is active (WAR for
        // b/175320666), the AppOpsManager could return MODE_IGNORED. Do not treat such cases as
        // error.
        if (!mUidIsTrusted && !isUidActive) {
            block();
        }
    }
}